Sourced from shivammathur/setup-php's releases.

2.37.1

Changelog

Security Updates

• Fixed shell command escaping and PHP version input validation. (GHSA-pqwm-q9pv-ph8r / CVE-2026-46420)

[!NOTE] This can affect workflows that pass values from users or pull requests to setup-php, for example from comments, dispatch inputs, PR titles/branches, generated matrices, or files such as .php-version and composer.json. Be especially careful with pull_request_target workflows that use any value from the pull request. Workflows that only use fixed trusted values are not expected to be affected, but updating to 2.37.1 is recommended.

• Fixed GitHub auth handling for Composer versions affected by GHSA-f9f8-rm49-7jv2. It should now skip configuring GitHub OAuth if affected Composer versions are installed and show a warning to upgrade. (GHSA-5wxr-w449-57cm / CVE-2026-45793)

[!NOTE]
This only affects workflows where the composer version is pinned like composer:2.9.7, workflows that do not pin the version or use composer:v2 are not affected as those get automatic updates. In case you pin the version, it is highly recommended to upgrade and have automation to do such timely upgrades in your workflows.

Fixes and Improvements

• Fixed support for phalcon on Windows.

• Fixed restoring tools when using cached using previous runs.

• Improved enabling gearman extension on Linux.

• Fixed fallback when installing PhpManager and VcRedist modules on Windows.

• Fixed parsing extension inputs with backslash line continuation.

• Improved workflow examples

  • Added workflow examples for Drupal 11 composer-managed projects and WordPress plugins.
  • Added workflow examples for Yii3 web applications and replaced Yii2 Starter Kit examples.
  • Updated workflow examples to use currently supported PHP versions.

• Updated OS release mappings for newer Ubuntu releases.

• Updated internal workflows for Codecov v6 and NPM trusted publishing.

• Updated Node.js dependencies.

• Fixed composer version in README. (#1081)

Thanks @​Pyker for the contribution

For the complete list of changes, please refer to the Full Changelog

• 7c071df Bump version to 2.37.1
• eeef37e GHSA-pqwm-q9pv-ph8r - Fix CWE-78 [skip ci]
• 0dc3306 Fix phalcon5 support on Windows
• 680a983 Fix phalcon version for PHP 8.0 [skip ci]
• 694649a Fix mutable tool cache restore
• 46a991b Merge pull request #1081 from Pyker/patch-1
• 7748c24 GHSA-f9f8-rm49-7jv2: Fix GitHub auth handling for composer in affected versions
• ac9c953 Fix composer v2 version in README
• 7729e41 Improve enabling gearman [skip ci]
• af2322b Fix fallback in Install-PSPackage on Windows
• Additional commits viewable in compare view

Sourced from docker/setup-qemu-action's releases.

v4.1.0

• Add reset input to uninstall current emulators by @​crazy-max in docker/setup-qemu-action#21
• Bump @​docker/actions-toolkit from 0.77.0 to 0.91.0 in docker/setup-qemu-action#250 docker/setup-qemu-action#247
• Bump brace-expansion from 1.1.12 to 1.1.15 in docker/setup-qemu-action#265
• Bump fast-xml-builder from 1.0.0 to 1.2.0 in docker/setup-qemu-action#286
• Bump fast-xml-parser from 5.4.2 to 5.8.0 in docker/setup-qemu-action#255
• Bump flatted from 3.3.3 to 3.4.2 in docker/setup-qemu-action#257
• Bump glob from 10.3.15 to 10.5.0 in docker/setup-qemu-action#254
• Bump handlebars from 4.7.8 to 4.7.9 in docker/setup-qemu-action#262
• Bump lodash from 4.17.23 to 4.18.1 in docker/setup-qemu-action#273
• Bump postcss from 8.5.6 to 8.5.10 in docker/setup-qemu-action#285
• Bump tar from 6.2.1 to 7.5.15 in docker/setup-qemu-action#287
• Bump tmp from 0.2.5 to 0.2.6 in docker/setup-qemu-action#291
• Bump undici from 6.23.0 to 6.26.0 in docker/setup-qemu-action#251
• Bump vite from 7.3.1 to 7.3.2 in docker/setup-qemu-action#271

Full Changelog: docker/setup-qemu-action@v4.0.0...v4.1.0

• 0611638 Merge pull request #21 from crazy-max/uninst
• ce59c81 chore: update generated content
• 2ddad44 uninstall current emulators
• 8c37cd6 Merge pull request #250 from docker/dependabot/npm_and_yarn/docker/actions-to...
• d1a0ff3 chore: update generated content
• 0a8f3dc build(deps): bump @​docker/actions-toolkit from 0.79.0 to 0.91.0
• 9430f61 Merge pull request #291 from docker/dependabot/npm_and_yarn/tmp-0.2.6
• 978bd77 chore: update generated content
• 3479feb build(deps): bump tmp from 0.2.5 to 0.2.6
• b113c26 Merge pull request #255 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...
• Additional commits viewable in compare view

Sourced from docker/setup-buildx-action's releases.

v4.1.0

• Bump @​docker/actions-toolkit from 0.79.0 to 0.90.0 in docker/setup-buildx-action#489
• Bump brace-expansion from 1.1.12 to 5.0.6 in docker/setup-buildx-action#547 docker/setup-buildx-action#508
• Bump fast-xml-builder from 1.0.0 to 1.2.0 in docker/setup-buildx-action#540
• Bump fast-xml-parser from 5.4.2 to 5.8.0 in docker/setup-buildx-action#496
• Bump flatted from 3.3.3 to 3.4.2 in docker/setup-buildx-action#499
• Bump glob from 10.3.12 to 13.0.6 in docker/setup-buildx-action#495
• Bump handlebars from 4.7.8 to 4.7.9 in docker/setup-buildx-action#504
• Bump lodash from 4.17.23 to 4.18.1 in docker/setup-buildx-action#523
• Bump picomatch from 4.0.3 to 4.0.4 in docker/setup-buildx-action#503
• Bump postcss from 8.5.6 to 8.5.10 in docker/setup-buildx-action#537
• Bump tar from 6.2.1 to 7.5.15 in docker/setup-buildx-action#545
• Bump undici from 6.23.0 to 6.25.0 in docker/setup-buildx-action#492
• Bump vite from 7.3.1 to 7.3.2 in docker/setup-buildx-action#520

Full Changelog: docker/setup-buildx-action@v4.0.0...v4.1.0

• d7f5e7f Merge pull request #489 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 92bc5c9 chore: update generated content
• da11e35 build(deps): bump @​docker/actions-toolkit from 0.79.0 to 0.90.0
• f021e16 Merge pull request #492 from docker/dependabot/npm_and_yarn/undici-6.24.1
• b5af94f chore: update generated content
• 16ad977 build(deps): bump undici from 6.23.0 to 6.25.0
• d7a12d7 Merge pull request #495 from docker/dependabot/npm_and_yarn/glob-10.5.0
• 28ff27d build(deps): bump glob from 10.3.12 to 13.0.6
• daf436b Merge pull request #496 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...
• 9725348 chore: update generated content
• Additional commits viewable in compare view

Sourced from docker/login-action's releases.

v4.2.0

• Bump @​actions/core from 3.0.0 to 3.0.1 in docker/login-action#976
• Bump @​aws-sdk/client-ecr and @​aws-sdk/client-ecr-public to 3.1050.0 in docker/login-action#960
• Bump @​docker/actions-toolkit from 0.86.0 to 0.90.0 in docker/login-action#970
• Bump brace-expansion from 2.0.1 to 5.0.6 in docker/login-action#993
• Bump fast-xml-builder from 1.1.4 to 1.2.0 in docker/login-action#985
• Bump fast-xml-parser from 5.3.6 to 5.8.0 in docker/login-action#963
• Bump http-proxy-agent and https-proxy-agent to 9.0.0 in docker/login-action#961
• Bump postcss from 8.5.6 to 8.5.10 in docker/login-action#979
• Bump tar from 6.2.1 to 7.5.15 in docker/login-action#991
• Bump vite from 7.3.1 to 7.3.3 in docker/login-action#986

Full Changelog: docker/login-action@v4.1.0...v4.2.0

v4.1.0

• Fix scoped Docker Hub cleanup path when registry is omitted by @​crazy-max in docker/login-action#945
• Bump @​aws-sdk/client-ecr and @​aws-sdk/client-ecr-public to 3.1020.0 in docker/login-action#930
• Bump @​docker/actions-toolkit from 0.77.0 to 0.86.0 in docker/login-action#932 docker/login-action#936
• Bump brace-expansion from 1.1.12 to 1.1.13 in docker/login-action#952
• Bump fast-xml-parser from 5.3.4 to 5.3.6 in docker/login-action#942
• Bump flatted from 3.3.3 to 3.4.2 in docker/login-action#944
• Bump glob from 10.3.12 to 10.5.0 in docker/login-action#940
• Bump handlebars from 4.7.8 to 4.7.9 in docker/login-action#949
• Bump http-proxy-agent and https-proxy-agent to 8.0.0 in docker/login-action#937
• Bump lodash from 4.17.23 to 4.18.1 in docker/login-action#958
• Bump minimatch from 3.1.2 to 3.1.5 in docker/login-action#941
• Bump picomatch from 4.0.3 to 4.0.4 in docker/login-action#948
• Bump undici from 6.23.0 to 6.24.1 in docker/login-action#938

Full Changelog: docker/login-action@v4.0.0...v4.1.0

• 650006c Merge pull request #960 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• 99df1a3 chore: update generated content
• 3ab375f build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...
• 39d8580 Merge pull request #970 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 4eefcd3 chore: update generated content
• 56d092c build(deps): bump @​docker/actions-toolkit from 0.86.0 to 0.90.0
• e2e31ca Merge pull request #976 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
• 0bced94 chore: update generated content
• 3e75a0f build(deps): bump @​actions/core from 3.0.0 to 3.0.1
• 365bebd Merge pull request #984 from docker/dependabot/github_actions/aws-actions/con...
• Additional commits viewable in compare view

Sourced from docker/build-push-action's releases.

v7.2.0

• Bump @​actions/core from 3.0.0 to 3.0.1 in docker/build-push-action#1525
• Bump @​docker/actions-toolkit from 0.87.0 to 0.90.0 in docker/build-push-action#1517
• Bump brace-expansion from 2.0.2 to 5.0.6 in docker/build-push-action#1534
• Bump fast-xml-builder from 1.1.4 to 1.2.0 in docker/build-push-action#1529
• Bump fast-xml-parser from 5.5.7 to 5.8.0 in docker/build-push-action#1521
• Bump postcss from 8.5.6 to 8.5.10 in docker/build-push-action#1526
• Bump tar from 6.2.1 to 7.5.15 in docker/build-push-action#1533

Full Changelog: docker/build-push-action@v7.1.0...v7.2.0

v7.1.0

• Git context query format support by @​crazy-max in docker/build-push-action#1505
• Bump @​docker/actions-toolkit from 0.79.0 to 0.87.0 by @​crazy-max in docker/build-push-action#1505
• Bump brace-expansion from 1.1.12 to 1.1.13 in docker/build-push-action#1500
• Bump fast-xml-parser from 5.4.2 to 5.5.7 in docker/build-push-action#1489
• Bump flatted from 3.3.3 to 3.4.2 in docker/build-push-action#1491
• Bump glob from 10.3.12 to 10.5.0 in docker/build-push-action#1490
• Bump handlebars from 4.7.8 to 4.7.9 in docker/build-push-action#1497
• Bump lodash from 4.17.23 to 4.18.1 in docker/build-push-action#1510
• Bump picomatch from 4.0.3 to 4.0.4 in docker/build-push-action#1496
• Bump undici from 6.23.0 to 6.24.1 in docker/build-push-action#1486
• Bump vite from 7.3.1 to 7.3.2 in docker/build-push-action#1509

Full Changelog: docker/build-push-action@v7.0.0...v7.1.0

• f9f3042 Merge pull request #1517 from docker/dependabot/npm_and_yarn/docker/actions-t...
• 812d5fd chore: update generated content
• b6f6693 chore(deps): Bump @​docker/actions-toolkit from 0.87.0 to 0.90.0
• c1c626e Merge pull request #1525 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
• 51bb284 chore: update generated content
• 5f7884d chore(deps): Bump @​actions/core from 3.0.0 to 3.0.1
• e01deff Merge pull request #1521 from docker/dependabot/npm_and_yarn/fast-xml-parser-...
• 3804d49 chore: update generated content
• 71e8947 chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.0
• 4925ad2 Merge pull request #1526 from docker/dependabot/npm_and_yarn/postcss-8.5.10
• Additional commits viewable in compare view

• ded1f94 Update to version 23.2.0.
• dc5dad9 Add 10-day cooldown period to Dependabot updates.
• 64b1c6a Add package-lock.json for reproducible builds (fixes #362).
• 6c62e06 Bump eslint-plugin-n from 17.24.0 to 18.0.0
• 9b5720c Bump eslint from 10.2.1 to 10.3.0
• 6b51ade Update to version 23.1.0.
• ea6e0da Freshen generated index.js file.
• 3c4c2c8 Bump markdownlint-cli2 from 0.22.0 to 0.22.1
• 3a933d4 Bump @​actions/core from 3.0.0 to 3.0.1
• 648042e Freshen generated index.js file.
• Additional commits viewable in compare view

Sourced from actions/cache's releases.

v5.0.5

What's Changed

• Update ts-http-runtime dependency by @​yacaovsnc in actions/cache#1747

Full Changelog: actions/cache@v5...v5.0.5

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

1. Switch to a new branch from main.
2. Run npm test to ensure all tests are passing.
3. Update the version in https://github.com/actions/cache/blob/main/package.json.
4. Run npm run build to update the compiled files.
5. Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.
6. Run licensed cache to update the license report.
7. Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.
8. Commit your changes and push your branch upstream.
9. Open a pull request against main and get it reviewed and merged.
10. Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json
    1. Create a new tag with the version number.
    2. Auto generate release notes and update them to match the changes you made in RELEASES.md.
    3. Toggle the set as the latest release option.
    4. Publish the release.
11. Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml
    1. There should be a workflow run queued with the same version number.
    2. Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.4

• Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)
• Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)
• Bump fast-xml-parser to v5.5.6

5.0.3

• Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)
• Bump @actions/core to v2.0.3

5.0.2

• Bump @actions/cache to v5.0.3 #1692

5.0.1

• Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

... (truncated)

• 27d5ce7 Merge pull request #1747 from actions/yacaovsnc/update-dependency
• f280785 licensed changes
• 619aeb1 npm run build generated dist files
• bcf16c2 Update ts-http-runtime to 0.3.5
• See full diff in compare view

Sourced from peaceiris/actions-gh-pages's releases.

actions-github-pages v4.1.0

See CHANGELOG.md for more details.

What's Changed

• Actions examples: update to modern versions of actions by @​clintonsteiner in peaceiris/actions-gh-pages#1117
• chore: update Node runtime and dependencies by @​peaceiris in peaceiris/actions-gh-pages#1147
• ci: harden GitHub Actions workflows by @​peaceiris in peaceiris/actions-gh-pages#1156

New Contributors

• @​clintonsteiner made their first contribution in peaceiris/actions-gh-pages#1117

Full Changelog: peaceiris/actions-gh-pages@v4.0.0...v4.1.0

Sourced from peaceiris/actions-gh-pages's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

4.1.0 (2026-05-12)

chore

• add .codex/ (94ae2d2)
• add hasInstallScript true (494ec9b)
• update Node runtime and dependencies (#1147) (954f6bf), closes #1147

ci

• change automerge to false (4b09552)
• harden GitHub Actions workflows (#1156) (aa0466c), closes #1156

docs

• add repository guidelines (a1f94b5)
• bump to v4 from v3 (a16b61f)
• fix note style (0b7567f)
• update versions of actions (#1117) (aa83d0c), closes #1117

4.0.0 (2024-04-08)

build

• node 20.11.1 (5049354)

chore

• bump node16 to node20 (#1067) (4eb285e), closes #1067
• downgrade engines.npm to 8.0.0 (87231bc)

ci

• pin node-version to 18 (#981) (65ebf11), closes #981

docs

• add Release Strategy (67f80d9)
• fix link to Nuxt github-pages (#980) (88b4d2a), closes #980
• remove braces in if conditions (#920) (0fbd122), closes #920

... (truncated)

• 84c30a8 chore(release): 4.1.0
• 6fa0f50 chore(release): Add build assets
• 3b7506a chore(deps): update dependency trim-newlines to v5 (#1158)
• aa0466c ci: harden GitHub Actions workflows (#1156)
• 31835fb chore(deps): update actions/labeler action to v6 (#1153)
• f4f1bc4 chore(deps): update peaceiris/actions-mdbook action to v2 (#1161)
• a5e4979 chore(deps): update dependency ubuntu to v24 (#1159)
• 6cc3bac chore(deps): update github/codeql-action action to v4 (#1160)
• 0d6e9f4 chore(deps): update actions/setup-node action to v6 (#1154)
• d70c101 chore(deps): update actions/upload-artifact action to v7 (#1155)
• Additional commits viewable in compare view

Sourced from dawidd6/action-download-artifact's releases.

v21

What's Changed

• build(deps): bump @​actions/github from 9.0.0 to 9.1.0 by @​dependabot[bot] in dawidd6/action-download-artifact#396
• build(deps): bump filesize from 11.0.15 to 11.0.16 by @​dependabot[bot] in dawidd6/action-download-artifact#399
• build(deps): bump fast-xml-parser from 5.5.7 to 5.7.1 by @​dependabot[bot] in dawidd6/action-download-artifact#402
• build(deps): bump @​actions/github from 9.1.0 to 9.1.1 by @​dependabot[bot] in dawidd6/action-download-artifact#400
• build(deps): bump @​actions/core from 3.0.0 to 3.0.1 by @​dependabot[bot] in dawidd6/action-download-artifact#401
• build(deps): bump filesize from 11.0.16 to 11.0.17 by @​dependabot[bot] in dawidd6/action-download-artifact#404
• Download artifacts in creation order by @​matejdro in dawidd6/action-download-artifact#398
• node_modules: update by @​dawidd6 in dawidd6/action-download-artifact#405

New Contributors

• @​matejdro made their first contribution in dawidd6/action-download-artifact#398

Full Changelog: dawidd6/action-download-artifact@v20...v21

v20

What's Changed

• build(deps): bump fast-xml-parser from 5.5.6 to 5.5.7 by @​dependabot[bot] in dawidd6/action-download-artifact#387
• node_modules: update by @​dawidd6 in dawidd6/action-download-artifact#388
• build(deps): bump filesize from 11.0.13 to 11.0.14 by @​dependabot[bot] in dawidd6/action-download-artifact#389
• build(deps): bump brace-expansion by @​dependabot[bot] in dawidd6/action-download-artifact#390
• node_modules: update by @​dawidd6 in dawidd6/action-download-artifact#391
• build(deps): bump filesize from 11.0.14 to 11.0.15 by @​dependabot[bot] in dawidd6/action-download-artifact#392
• build(deps): bump adm-zip from 0.5.16 to 0.5.17 by @​dependabot[bot] in dawidd6/action-download-artifact#393
• build(deps): bump lodash from 4.17.23 to 4.18.1 by @​dependabot[bot] in dawidd6/action-download-artifact#394
• node_modules: update by @​dawidd6 in dawidd6/action-download-artifact#395

Full Changelog: dawidd6/action-download-artifact@v19...v20

• b6e2e70 node_modules: update (#405)
• 1708cb3 Download artifacts in creation order (#398)
• 00b585a build(deps): bump filesize from 11.0.16 to 11.0.17 (#404)
• 0414c42 build(deps): bump @​actions/core from 3.0.0 to 3.0.1 (#401)
• c802aad build(deps): bump @​actions/github from 9.1.0 to 9.1.1 (#400)
• ef06691 build(deps): bump fast-xml-parser from 5.5.7 to 5.7.1 (#402)
• 026702e build(deps): bump filesize from 11.0.15 to 11.0.16 (#399)
• 09d0677 build(deps): bump @​actions/github from 9.0.0 to 9.1.0 (#396)
• 8305c0f node_modules: update (#395)
• 542af03 build(deps): bump lodash from 4.17.23 to 4.18.1 (#394)
• Additional commits viewable in compare view

Sourced from softprops/action-gh-release's releases.

v3.0.0

3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2.

What's Changed

Other Changes 🔄

• Move the action runtime and bundle target to Node 24
• Update @types/node to the Node 24 line and allow future Dependabot updates
• Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release

v2.6.2

What's Changed

Other Changes 🔄

• chore(deps): bump picomatch from 4.0.3 to 4.0.4 by @​dependabot[bot] in softprops/action-gh-release#775
• chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 by @​dependabot[bot] in softprops/action-gh-release#777
• chore(deps): bump vite from 8.0.0 to 8.0.5 by @​dependabot[bot] in softprops/action-gh-release#781

Full Changelog: softprops/action-gh-release@v2...v2.6.2

Sourced from softprops/action-gh-release's changelog.

3.0.0

3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2.

What's Changed

Other Changes 🔄

• Move the action runtime and bundle target to Node 24
• Update @types/node to the Node 24 line and allow future Dependabot updates
• Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release

2.6.2

What's Changed

Other Changes 🔄

• chore(deps): bump picomatch from 4.0.3 to 4.0.4 by @​dependabot[bot] in softprops/action-gh-release#775
• chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 by @​dependabot[bot] in softprops/action-gh-release#777
• chore(deps): bump vite from 8.0.0 to 8.0.5 by @​dependabot[bot] in softprops/action-gh-release#781

2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

• fix: preserve discussion category on publish by @​chenrui333 in softprops/action-gh-release#765

2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

... (truncated)

• b430933 release: cut v3.0.0 for Node 24 upgrade (#670)
• c2e35e0 chore(deps): bump the npm group across 1 directory with 7 updates (#783)
• 3bb1273 release 2.6.2
• c34030f chore: bump node to 24.14.1
• 8975bd0 chore(deps): bump vite from 8.0.0 to 8.0.5 (#781)
• f71937f chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 (#777)
• 3f0d239 chore(deps): bump picomatch from 4.0.3 to 4.0.4 (#775)
• See full diff in compare view

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v8.1.1

What's Changed

• build(deps-dev): bump the npm group with 2 updates by @​dependabot[bot] in peter-evans/create-pull-request#4305
• build(deps): bump minimatch by @​dependabot[bot] in peter-evans/create-pull-request#4311
• build(deps): bump the github-actions group with 2 updates by @​dependabot[bot] in peter-evans/create-pull-request#4316
• build(deps): bump @​tootallnate/once and jest-environment-jsdom by @​dependabot[bot] in peter-evans/create-pull-request#4323
• build(deps-dev): bump undici from 6.23.0 to 6.24.0 by @​dependabot[bot] in peter-evans/create-pull-request#4328
• build(deps-dev): bump flatted from 3.3.1 to 3.4.2 by @​dependabot[bot] in peter-evans/create-pull-request#4334
• build(deps): bump picomatch by @​dependabot[bot] in peter-evans/create-pull-request#4339
• build(deps-dev): bump handlebars from 4.7.8 to 4.7.9 by @​dependabot[bot] in peter-evans/create-pull-request#4344
• build(deps-dev): bump the npm group with 3 updates by @​dependabot[bot] in peter-evans/create-pull-request#4349
• fix: retry post-creation API calls on 422 eventual consistency errors by @​peter-evans in peter-evans/create-pull-request#4356

Full Changelog: